package com.huwei.modules.base.shiro;


import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;

import com.huwei.modules.base.util.jwt.JwtUtil;
import com.huwei.modules.base.util.jwt.Token;

public class AuthenRealm extends AuthorizingRealm {

	@Override
	public boolean supports(AuthenticationToken token) {
		return true;
	}

	/**
	 * 登录认证
	 */
	@Override
	protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authcToken)
			throws AuthenticationException {
		Token token = (Token) authcToken.getCredentials();
		if(token == null) {
			throw new RuntimeException("token 无效！");
		}
//    	if(JwtUtil.definedUtil().isInvalid(token)) {
//    		throw new RuntimeException("token一个过期，无效token");
//    	}
		if (JwtUtil.definedUtil().isTimeout(token)) {
			// 过期处理
		}
		return new SimpleAuthenticationInfo(authcToken.getPrincipal(), token, AuthenRealm.class.getName());

	}

	/**
	 * 权限认证
	 */
	@Override
	protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {
//		Map<String,String> userInfo = (Map<String, String>) SecurityUtils.getSubject().getPrincipal();
//       //读取数据库设置权限
//       Set<String> permission = new HashSet<String>();
//       permission.add("user");
//       return new SimpleAuthorizationInfo(permission);
		return null;
	}
}
